Im outsourcing the development of a web app on oDesk, ive designed the front end myself and the back end is being developed using laravel / mysql.

I know a bit of php, but not enough to a) do the project myself b) audit, comment on quality / approve the code written by a third party.

To get around this i want to setup a repo were i can work with my outsourced team, which consists of

1 backend dev

2 code auditors / checkers

and myself for the front end and project management

The auditors wont actually be writing any code, rather checking the code that the backend dev has written, all parties are independent.

Its not that i dont trust the back end dev, its just that the app is to help us better manage our business, and is thus mission critical - so we need stable well written code that adheres to best practices, and that is something i cant really comment on as i dont know what im looking at.. thats why ive chosen to outsource some code auditors, with the second one as a fail safe.

I dont really want any of the partys talking to one another, i want it to all go through myself.

What i was wandering is can you in Github or BitBucket allow anonymous or hidden users to view a private project so that they can view the code and comment on it back to me, but not be able to talk directly to the back end dev ?

Then, when dev-repo has new commits, pull down the changes to your local and push them back up to audit-repo.

Auditors can then leave comments and issues on their version of the repository under audit-repo and you can then relay any issues you think dev-repo should know about without either developer or auditor team seeing each other via these private repos.